<?php

// ##############################################################################||
// #                                                                 
// #   MySmartBB Version 1.7.0	                                      
// #   http://www.MySmartBB.com                                      
// #   Copyright (c) 2008 by MySmartBB team                           
// #   license http://opensource.org/licenses/gpl-license.php GNU Public License
// #                                                             
// #   filename : newreply.php                                         
// #   submit new reply        
// #                                                                  
// ##############################################################################||

// ** General definitions **

     define('NOT_IN_INDEX',0);
     include('common.php');
     include('includes/SmartCode.js');
     include('includes/pager.php');

     if (!isset($_GET['page']) OR $_GET['page'] < 1)
     {
         $_GET['page'] = 1;
     }

     $page  = intval($_GET['page']);
     $start = ($info_row['perpage'] * ($page-1));

     $RP = new Pager($page);
	 
     $SF->html_title_page('إضافة رد - (Powered By MySmartBB Universal)');
		 
// ** First Step TO Add reply **
     if ($_GET['add'] == 1)
     {

         $id = intval($_GET['subject_id']);

         $subject_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "subject WHERE id='" . $id . "'");
         $subject_num   = $DB->sql_num_rows($subject_query);
         $subject_row   = $DB->sql_fetch_array($subject_query);

         if (empty($_GET['subject_id']))
         {
             $SF->error('الرابط المتبع خاطئ');
         }

         if ($subject_row['close'] == 1 and $groupper_row['admincp_allow'] != 1)
         {
             $SF->error('المعذرة هذا الموضوع مغلق');
         }

         if ($subject_num <= 0)
         {
             $SF->error('المعذرة، الموضوع الذي تريد الرد عليه غير موجود');
         }

         $smiles_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "smiles WHERE smile_type='0' ORDER BY id ASC LIMIT 0,13");

         $smiles_row = array();
         while ($smile_row = $DB->sql_fetch_array($smiles_query))
         {
             $smiles_row[] = $smile_row;
             $Smarty->assign('smiles_row',$smiles_row);
         }

         $icons_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "smiles WHERE smile_type<>'0' ORDER BY id DESC");

         $icons_row = array();
         while ($icon_row = $DB->sql_fetch_array($icons_query))
         {
             $icons_row[] = $icon_row;
             $Smarty->assign('icons_row',$icons_row);
         }

         $section_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "section WHERE id='".$subject_row['section']."'");
         $section_row   = $DB->sql_fetch_array($section_query);

         if ($member_permission != 0)
         {
             $group_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "sectiongroup WHERE group_id='" . $member_row['usergroup'] . "' AND section_id='" . $section_row['id'] . "'");
             $group_row   = $DB->sql_fetch_array($group_query);
         }

         if ($member_permission == 0)
         {
             $group_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "sectiongroup WHERE group_id='7' AND section_id='" . $section_row['id'] . "'");
             $group_row   = $DB->sql_fetch_array($group_query);
         }

         if ($group_row['view_section'] == 0 or $group_row['write_reply'] == 0)
         {
             $SF->error('المعذرة، لا يمكنك كتابة ردود في هذا القسم');
         }

         $Smarty->assign_by_ref('section_row',$section_row);

         if (!empty($section_row['section_password']) and $groupper_row['admincp_allow'] != 1 and empty($_GET['password']))
         {
             $Smarty->display('section_password.tpl');
             $SF->MySmartBB_Exit();
         }

         if (!empty($section_row['section_password']) and $groupper_row['admincp_allow'] != 1 and !empty($_GET['password']))
         {
             $check_password = $DB->sql_num_rows($DB->sql_query("SELECT * FROM " . $db_prefix . "section WHERE id='" . $section_row['id'] . "' AND section_password='" . base64_decode($_GET['password']) . "'"));
             if ($check_password <= 0)
             {
                 $SF->error('المعذرة، كلمة المرور غير صحيحة');
             }
             else
             {
                 $url_password = '&password=' . htmlspecialchars($_GET['password']);
                 $Smarty->assign('url_password',$url_password);
             }
         }

         if ($_GET['qu_subject'] == 1)
         {
         	 /** Ouf , Kill XSS :/ , 1.5.0 Patch 2 **/
         	 $subject_row['title'] = htmlspecialchars($subject_row['title']);
         	 /** **/
             $qu = '[quote=' . $subject_row['writer'] . ']' . $subject_row['text'] . '[/quote]';
             $qu = htmlspecialchars($qu);
             $Smarty->assign('qu',$qu);
             
             
         }

         if (!empty($_GET['qu_reply']))
         {
             $qu_reply = $SF->SafeSQL($_GET['qu_reply']);
             $qu_reply = $SF->SafeOutPuts($_GET['qu_reply']);

             $r_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "reply WHERE id='" . $qu_reply . "' AND subject_id='" . $id . "'");
             $r_row   = $DB->sql_fetch_array($r_query);
             
             $qu = '[quote=' . $r_row['writer'] . ']' . $r_row['text'] . '[/quote]';
             $qu = htmlspecialchars($qu);

             $Smarty->assign('qu',$qu);
         }
         
         // MySmartBB 1.5.0 Patch 2
         $subject_row['title'] = htmlspecialchars($subject_row['title']);
         //

         $SF->GetSmartCode();
         $Smarty->assign_by_ref('section_row',$section_row);
         $Smarty->assign('s_id',$id);

         if ($section_row['sub_section'] == 1)
         {
             $getmainsection_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "section WHERE id = '".$section_row['from_sub_section']."'");
             $getmainsection_row   = $DB->sql_fetch_array($getmainsection_query);
             $Smarty->assign('path_bar','<a href=forum.php?show=1&id='.$getmainsection_row['id'].'>'.$getmainsection_row['title'].'</a> <img border="0" src="image/ric2.png"> <a href=forum.php?show=1&id='.$section_row['id'].'>'.$section_row['title'].'</a> <img border="0" src="image/ric2.png"> <a href=show.php?main=1&id="'.$id.'">'.$subject_row['title'].'</a> -> إضافة رد');
         }
         else
         {
             $Smarty->assign('path_bar','<a href=forum.php?show=1&id='.$section_row['id'].'>'.$section_row['title'].'</a> <img border="0" src="image/ric2.png"> <a href=show.php?main=1&id=' . $id . '>'.$subject_row['title'].'</a> <img border="0" src="image/ric2.png"> إضافة رد');
         }

         $Smarty->assign('subject_row',$subject_row);
         $Smarty->display('path-bar.tpl');

         if ($groupper_row['group_mod'] == 1 )
         {
             $get_modQry = $DB->sql_query("SELECT * FROM " . $db_prefix . "sectionadmin
                                           WHERE section_id = '" . $section_row['id'] . "'
                                           AND member_id = '" . $member_row['id'] . "'" );

             $Smarty->assign( 'moderator', ( $DB->sql_num_rows( $get_modQry ) <= 0 ) ? 0 : 1 );

             $Smarty->assign( 'stick', ( $subject_row['stick'] == 1 ) ? 1 : 0 );
             $Smarty->assign( 'close', ( $subject_row['close'] == 1 ) ? 1 : 0 );
         }

         $Smarty->assign('we_in',2);
         $temp = md5(time());
         $Smarty->assign('temp',$temp);
         $Smarty->display('post_add-subject.tpl');
                      #Reply Reviews
             $reply_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "reply WHERE subject_id='" . $subject_row['id'] . "' AND delete_topic<>'1' ORDER BY id DESC LIMIT $start," . ($info_row['subject_perpage'] +1) ."");
             $reply_num   = $DB->sql_num_rows($reply_query);
        $reply_number = $info_row['subject_perpage'] + 1;
        $Smarty->assign('reply_number',$reply_number);
        $Smarty->assign('reply_num',$reply_num);

             if ($reply_num == 0)
        {
                                          $Smarty->display('post_last-replies3.tpl');
        }
             elseif ($reply_num <= $info_row['subject_perpage'])
        {
                      $i = $start;

                      while ($reply_row = $DB->sql_fetch_array($reply_query))
            {

                    $replier_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "member WHERE username='" . $SF->SafeSQL($reply_row['writer']) . "'");
                $replier_num   = $DB->sql_num_rows($replier_query);

                               $i = $i+1;

                               while ($replier_row = $DB->sql_fetch_array($replier_query))
                    {
                    $Smarty->assign('writer_is_visitor',0);
                    $writer_is_visitor = 0;


                                $text = $reply_row['text'];

                                $text = str_replace('>', '&gt;', $text);
                                $text = str_replace('<', '&lt;', $text);

                                        $text = $SF->SmilesReplace($text);

                        if ($section_row['usesmartcode_allow'] == 1)
                        {
                            # thanks abuamal :)
                                                $text = preg_replace('#\[(code|php|html)\](.*)\[/\\1\]#siUe', "strip_smiles(str_replace('\\\"', '\"', '\\0'))", $text);
                                         $text = $SF->SmartCode_replace($text);
                                }

                                $getwritergroup_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "group WHERE id='" . $replier_row['usergroup'] . "'");
                                $getwritergroup_row   = $DB->sql_fetch_array($getwritergroup_query);

                                $writer_style         = $getwritergroup_row['username_style'];
                                $writer_style         = explode('[username]',$writer_style);
                                $writer_style         = $writer_style[0] . htmlspecialchars($replier_row['username']) . $writer_style[1];

                                if ($member_permission == 1)
                        {
                                         $topic_time   = $reply_row['gmt_time'];
                                         $subject_time = explode(':',$topic_time);
                                         $topic_time   = $subject_time[0]+$member_row['user_time'];
                                         $topic_time   = $topic_time.':'.$subject_time[1].':'.$subject_time[2];
                                }
                                else
                        {
                                         $topic_time   = $reply_row['gmt_time'];
                                }

                                          $Smarty->assign_by_ref('replier_row',$replier_row);
                                          $Smarty->assign_by_ref('reply_row',$reply_row);
                                          $Smarty->assign('topic_time',$topic_time);
                                          $Smarty->assign('i',$i);
                                          $Smarty->assign('writer_is_visitor',$w_is_visitor);
                                          $Smarty->assign('writer_style',$writer_style);
                                          $Smarty->assign('text',stripcslashes($text));
                                          $Smarty->assign('subject_id',intval($_GET['id']));

                                          $Smarty->display('post_last-replies1.tpl');

                               }
                      }
                      $Smarty->display('post_last-replies4.tpl');
        }
        else
        {
                      $i = $start;

                      while ($reply_row = $DB->sql_fetch_array($reply_query))
            {

                    $replier_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "member WHERE username='" . $SF->SafeSQL($reply_row['writer']) . "'");
                $replier_num   = $DB->sql_num_rows($replier_query);

                               $i = $i+1;

                               while ($replier_row = $DB->sql_fetch_array($replier_query))
                    {
                    $Smarty->assign('writer_is_visitor',0);
                    $writer_is_visitor = 0;


                                $text = $reply_row['text'];

                                $text = str_replace('>', '&gt;', $text);
                                $text = str_replace('<', '&lt;', $text);

                                        $text = $SF->SmilesReplace($text);

                        if ($section_row['usesmartcode_allow'] == 1)
                        {
                            # thanks abuamal :)
                                                $text = preg_replace('#\[(code|php|html)\](.*)\[/\\1\]#siUe', "strip_smiles(str_replace('\\\"', '\"', '\\0'))", $text);
                                         $text = $SF->SmartCode_replace($text);
                                }

                                $getwritergroup_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "group WHERE id='" . $replier_row['usergroup'] . "'");
                                $getwritergroup_row   = $DB->sql_fetch_array($getwritergroup_query);

                                $writer_style         = $getwritergroup_row['username_style'];
                                $writer_style         = explode('[username]',$writer_style);
                                $writer_style         = $writer_style[0] . htmlspecialchars($replier_row['username']) . $writer_style[1];

                                if ($member_permission == 1)
                        {
                                         $topic_time   = $reply_row['gmt_time'];
                                         $subject_time = explode(':',$topic_time);
                                         $topic_time   = $subject_time[0]+$member_row['user_time'];
                                         $topic_time   = $topic_time.':'.$subject_time[1].':'.$subject_time[2];
                                }
                                else
                        {
                                         $topic_time   = $reply_row['gmt_time'];
                                }

                                          $Smarty->assign_by_ref('replier_row',$replier_row);
                                          $Smarty->assign_by_ref('reply_row',$reply_row);
                                          $Smarty->assign('topic_time',$topic_time);
                                          $Smarty->assign('i',$i);
                                          $Smarty->assign('writer_is_visitor',$w_is_visitor);
                                          $Smarty->assign('writer_style',$writer_style);
                                          $Smarty->assign('text',stripcslashes($text));
                                          $Smarty->assign('subject_id',intval($_GET['id']));

                                          $Smarty->display('post_last-replies1.tpl');

                               }
                      }
                      $Smarty->display('post_last-replies2.tpl');
        }

         $Smarty->display('footer.tpl');
     }

// ** Second Step : Check insert data **

    elseif ($_GET['start'] == 1)
    {
         $id = intval($_GET['id']);

         if ($groupper_row['admincp_allow'] != 1)
         {
             if (trim ($member_row['lastpost_time']) != '')
             {
                 if ($member_permission == 1)
                 {
                     if ((time() - $info_row['floodctrl']) <= $member_row['lastpost_time'])
                     {
                         $SF->error ('المعذرة، لا يمكنك كتابة أي رد جديد إلا بعد'.$info_row['floodctrl'].' ثانية');
                     }
                 }
             }
         }

         $subject_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "subject WHERE id='" . $id . "'");
         $subject_num   = $DB->sql_num_rows($subject_query);
         $subject_row   = $DB->sql_fetch_array($subject_query);

         $section_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "section WHERE id='".$subject_row['section']."'");
         $section_row   = $DB->sql_fetch_array($section_query);

         if ($member_permission != 0)
         {
             $group_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "sectiongroup WHERE group_id='" . $member_row['usergroup'] . "' AND section_id='" . $subject_row['section'] . "'");
             $group_row   = $DB->sql_fetch_array($group_query);
         }

         if ($member_permission == 0)
         {
             $group_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "sectiongroup WHERE group_id='7' AND section_id='" . $subject_row['section'] . "'");
             $group_row   = $DB->sql_fetch_array($group_query);
         }

         if ($group_row['view_section'] == 0 or $group_row['write_reply'] == 0)
         {
             $SF->error('المعذرة، لا يمكنك كتابة ردود في هذا القسم');
         }

         $text = trim($_POST['S1']);

         if (strlen(trim($_POST['T1'])) > $info_row['post_title_max'])
         {
               $SF->error('عدد حروف عنوان الرد أكثر من (' . $info_row['post_title_max'] . ')');
         }

         if (strlen(trim($text)) > $info_row['post_text_max'])
         {
             $SF->error('عدد حروف الرد أكثر من (' . $info_row['post_text_max'] . ')');
         }

         if (strlen(trim($text)) < $info_row['post_text_min'])
         {
             $SF->error('عدد حروف الرد أقل من (' . $info_row['post_text_min'] . ')');
         }

         if (empty($text))
         {
             $SF->error('يرجى تعبئة كافة المعلومات');
         }

         if (empty($_GET['id']))
         {
             $SF->error('الرابط المتبع خطأ');
         }

         if ($subject_num <= 0)
         {
             $SF->error('المعذرة، الموضوع المطلوب غير موجود');
         }

         if ($subject_row['close'] == 1 and $groupper_row['admincp_allow'] != 1)
         {
             $SF->error('المعذرة هذا الموضوع مغلق');
         }

         $Smarty->assign_by_ref('section_row',$section_row);

         if (!empty($section_row['section_password']) and $groupper_row['admincp_allow'] != 1 and empty($_GET['password']))
         {
             $Smarty->display('section_password.tpl');
             $SF->MySmartBB_Exit();
         }

         if (!empty($section_row['section_password']) and $groupper_row['admincp_allow'] != 1 and !empty($_GET['password']))
         {
             $check_password = $DB->sql_num_rows($DB->sql_query("SELECT * FROM " . $db_prefix . "section WHERE id='" . $section_row['id'] . "' AND section_password='" . base64_decode($_GET['password']) . "'"));
             if ($check_password <= 0)
             {
                 $SF->error('المعذرة، كلمة المرور غير صحيحة');
             }
             else
             {
                 $url_password = '&password=' . htmlspecialchars($_GET['password']);
             }
         }
		 
		
		 $mode = 0;
         if ($groupper_row['group_mod'] == 1 )
         {
			if ( $groupper_row['stick_subject'] == 1 or  $groupper_row['close_subject'] == 1)
			{
             	$getsectionmod_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "sectionadmin WHERE section_id='" . $subject_row['section'] . "' AND member_id='" . $member_row['id']  . "'");
             	$getsectionmod_num   = $DB->sql_num_rows($getsectionmod_query);

             	if ($getsectionmod_num != 0)
             	{
                	$mode = 1;
             	}
			}

         }
		 elseif($groupper_row['admincp_allow'] == 1 or $groupper_row['vice'] == 1)
		  {
		    if ( $groupper_row['stick_subject'] == 1 or  $groupper_row['close_subject'] == 1)
			{
             	$mode = 1;
			}
		   }
         
         if ($mode == 1)
         {
         	$stick_post = ( $_POST['stick'] == 1 ) ? 1 : 0;
         	$close_post = ( $_POST['close'] == 1 ) ? 1 : 0;

         	$DB->sql_query( "UPDATE " . $db_prefix . "subject SET stick = '$stick_post', close = '$close_post' WHERE id = '" . $subject_row['id'] . "'" );
         }
         /** **/

	if ($member_permission != 0)
	{
		$insert = $DB->sql_query("INSERT INTO " . $db_prefix . "reply(id,title,text,writer,subject_id,write_date,write_time,section,icon,gmt_time,subscribe) VALUES('NULL','" . $_POST['T1'] . "','" . $_POST['S1'] . "','" . $SF->SafeSQL($member_row['username']) . "','" . $subject_row['id'] . "','" . $date . "','" . $now . "','" . $subject_row['section'] . "','" . $_POST['R1'] . "','" . $gmttime . "','" . $_POST['subs'] . "')");
	}
         if ($member_permission == 0)
         {
             $insert = $DB->sql_query("INSERT INTO " . $db_prefix . "reply(id,title,text,writer,subject_id,write_date,write_time,section,icon,gmt_time) VALUES('NULL','" . $_POST['T1'] . "','" . $_POST['S1'] . "','زائر','" . $subject_row['id'] . "','" . $date . "','" . $now . "','" . $subject_row['section'] . "','" . $_POST['R1'] . "','" . $gmttime . "')");
         }

         $replyid = $DB->sql_insert_id($insert);

         $inseru = $DB->sql_query("UPDATE " . $db_prefix . "attach set subject_id='" . $replyid . "',reply='1' where temp='" . $SF->SafeSQL($_GET['temp_']) . "'");

         
$msg_select = $DB->sql_query("SELECT * FROM `" . $db_prefix . "emailmsgs` WHERE id=6");
$msg_row = $DB->sql_fetch_array($msg_select);
$msg_cont = $msg_row['text'];
$msg_cont = str_replace("[Replier]",$member_row['username'],$msg_cont);
$msg_cont = str_replace("[id]",$subject_row['id'],$msg_cont);
$msg_cont = str_replace("[title]",$subject_row['title'],$msg_cont);
$msg_cont = str_replace("[url]",$info_row['contactus_link'],$msg_cont);
$msg_title = str_replace("[title]",$subject_row['title'],$msg_row['title']);

$sw_select = $DB->sql_query("SELECT * FROM " . $db_prefix . "member WHERE username='" . $subject_row['writer'] . "'");
$sw_row = $DB->sql_fetch_array($sw_select);







if ($insert)
{
if ($subject_row['subscribe'] == 1)
{
if ($subject_row['writer'] != $member_row['username'])

{
$SF->mail($sw_row[email],$msg_title,$msg_cont,$info_row[send_email]);
}
}

$replier_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "reply WHERE subject_id='" . $subject_row['id'] . "' AND subscribe='1' AND (writer<>'" . $SF->SafeSQL($member_row['username']) . "' AND writer<>'" . $subject_row['writer'] . "')");
$replier_num = $DB->sql_num_rows($replier_query);
if ($replier_num < 1)
{
# Do nothing !!
}else{
$repliers = array();
$i=0;
while ($replier_row = $DB->sql_fetch_array($replier_query))
{
if(!in_array('$replier_row[writer]',$repliers))
{
$repliers[$i] = $replier_row['writer'];
}else{
#Do Nothing :D
}

}

$i = count($repliers);
$n = 0;
while ($n<$i)
{
$rmember_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "member WHERE username='" . $repliers[$n] . "'");
$rmember_row = $DB->sql_fetch_array($rmember_query);
$SF->mail($rmember_row[email],$msg_title,$msg_cont,$info_row[send_email]);
$n++;
}


}
$update = $DB->sql_query("UPDATE " . $db_prefix . "subject SET write_time='" . $now . "' WHERE id='" . $subject_row['id'] . "'");
             if ($update)
             {
                 $update  = $DB->sql_query("UPDATE " . $db_prefix . "member SET posts=posts+1,lastpost_time='".time()."' WHERE username='" . $SF->SafeSQL($member_row['username']) . "'");
                 $update2 = $DB->sql_query("UPDATE " . $db_prefix . "subject SET reply_number=reply_number+1,wr_date='$date' WHERE id='$id'");

                 $RP->SetPagerN($info_row['subject_perpage'],$DB->sql_num_rows($DB->sql_query("SELECT * FROM " . $db_prefix . "reply WHERE subject_id='" . $subject_row['id'] . "' AND  delete_topic <> 1")));

                 $page  = explode('|',$RP->PageNum_source());
                 $start = $page[0];
                 $page  = $page[1];

                 if (empty($start) or empty($page))
                 {
                     $start = 0;
                     $page  = 0;
                 }

                 if ($groupper_row['usertitle_change'] == 1)
                 {
                     $getusertitle_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "usertitle WHERE posts>='" . $member_row['posts'] . "'");
                     $getusertitle_row   = $DB->sql_fetch_array($getusertitle_query);
                     $getusertitle_num   = $DB->sql_num_rows($getusertitle_query);

                     if ($getusertitle_num > 0)
                     {
                         $update_usertitle = $DB->sql_query("UPDATE " . $db_prefix . "member SET user_title='" . $SF->SafeSQL($getusertitle_row['usertitle']) . "' WHERE username='" . $SF->SafeSQL($member_row['username']) . "'");
                     }
                 }

                 $update_last = $DB->sql_query("UPDATE " . $db_prefix . "section SET last_writer='" . $SF->SafeSQL($member_row['username']) . "',last_subject='" . $SF->SafeSQL($SF->titlecut($subject_row['title'],28)) . "',last_subjectid='" . $subject_row['id'] . "',last_date='" . $date . "' WHERE id='" . $subject_row['section'] . "'");

                 if ($section_row['sub_section'] == 1)
                 {
                     $update_last = $DB->sql_query("UPDATE " . $db_prefix . "section SET last_writer='" . $SF->SafeSQL($member_row['username']) . "',last_subject='" . $SF->SafeSQL($SF->titlecut($subject_row['title'],28)) . "',last_subjectid='" . $subject_row['id'] . "',last_date='" . $date . "' WHERE id='" . $section_row['from_sub_section'] . "'");
                     $updateforums         =         $SF->UpdateSubForums();
                 }

                     $updateforums         =         $SF->UpdateForumsArray();


                 $updatelastreplyarray = $SF->UpdateLastReplyArray();
                 $update_replier = $DB->sql_query("UPDATE " . $db_prefix . "subject SET last_replier='" . $SF->SafeSQL($member_row['username']) . "',lastreply_date='" . $date . "' WHERE id='" . $subject_row['id'] . "'");

                 $update_info = $DB->sql_query("UPDATE " . $db_prefix . "info SET reply_number=reply_number+1 WHERE id='1'");

                 if ($updateforums)
                 {

					$Smarty->assign('msgg','طُرِحَ الرد بنجاح، ستُنقَل إلى الموضوع بعد ثواني'); 
                	$Smarty->assign('GO','show.php?main=1&id=' . $id . $url_password . '&start=' . $start . '&page=' . $page .'#'.$replyid);
					$SF->go_to('show.php?main=1&id=' . $id . $url_password . '&start=' . $start . '&page=' . $page . '#'.$replyid,2);              
                    $Smarty->display('loading.tpl');

                    $Smarty->display('footer.tpl');
                 }
             }
         }
    }

?>